Commit Graph

83 Commits

Author SHA1 Message Date
Sean Anderson
bcc85b96b5 cmd: source: Support specifying config name
As discussed previously [1,2], the source command is not safe to use with
verified boot unless there is a key with required = "images" (which has its
own problems). This is because if such a key is absent, signatures are
verified but not required. It is assumed that configuration nodes will
provide the signature. Because the source command does not use
configurations to determine the image to source, effectively no
verification takes place.

To address this, allow specifying configuration nodes. We use the same
syntax as the bootm command (helpfully provided for us by fit_parse_conf).
By default, we first try the default config and then the default image. To
force using a config, # must be present in the command (e.g. `source
$loadaddr#my-conf`). For convenience, the config may be omitted, just like
the address may be (e.g. `source \#`). This also works for images
(`source :` behaves exactly like `source` currently does).

[1] https://lore.kernel.org/u-boot/7d711133-d513-5bcb-52f2-a9dbaa9eeded@prevas.dk/
[2] https://lore.kernel.org/u-boot/042dcb34-f85f-351e-1b0e-513f89005fdd@gmail.com/

Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-12-31 13:35:19 -05:00
Simon Glass
bbe285c305 image: Allow loading a FIT image for a particular phase
Add support for filtering out FIT images by phase. Rather than adding yet
another argument to this already overloaded function, use a composite
value, where the phase is only added in if needed.

The FIT config is still selected (and verified) as normal, but the images
are selected based on the phase.

Tests for this come in a little later, as part of the updated VPL test.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:02:45 -04:00
Simon Glass
44ad35a0f6 image: Add the concept of a phase to FIT
We want to be able to mark an image as related to a phase, so we can
easily load all the images for SPL or for U-Boot proper.

Add this to the FIT specification, along with some access functions.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:02:44 -04:00
Simon Glass
f3543e6944 treewide: Drop image_header_t typedef
This is not needed and we should avoid typedefs. Use the struct instead
and rename it to indicate that it really is a legacy struct.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 16:07:57 -04:00
Martin Bonner
4e5e374bf9 Provide more details of exactly how configuration signatures are calculated
Describe exactly which bytes are hashed and in what order
when signing a configuration.

Signed-off-by: Martin Bonner <martingreybeard@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-07-29 18:59:47 +02:00
Adrian Fiergolski
b524f8fb1e fpga: zynqmp: support loading encrypted bitfiles
Add support for the new compatible string "u-boot,zynqmp-fpga-enc" to
handle loading encrypted bitfiles.

This feature requires encrypted FSBL, as according to UG1085:
"The CSU automatically locks out the AES key, stored in either BBRAM
 or eFUSEs, as a key source to the AES engine if the FSBL is not
 encrypted. This prevents using the BBRAM or eFUSE as the key source
 to the AES engine during run-time applications."

Signed-off-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com>
Co-developed-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Tested-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com>
Link: https://lore.kernel.org/r/20220722141614.297383-14-oleksandr.suvorov@foundries.io
Signed-off-by: Michal Simek <michal.simek@amd.com>
2022-07-26 09:34:21 +02:00
Oleksandr Suvorov
a3a1afb747 fpga: zynqmp: support loading authenticated images
Add support for the new compatible string "u-boot,zynqmp-fpga-ddrauth" to
handle loading authenticated images (DDR).

Based on solution by Jorge Ramirez-Ortiz <jorge@foundries.io>

Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Tested-by: Ricardo Salveti <ricardo@foundries.io>
Link: https://lore.kernel.org/r/20220722141614.297383-13-oleksandr.suvorov@foundries.io
Signed-off-by: Michal Simek <michal.simek@amd.com>
2022-07-26 09:34:21 +02:00
Marc Kleine-Budde
62b27a561c mkimage: use environment variable MKIMAGE_SIGN_PIN to set pin for OpenSSL Engine
This patch adds the possibility to pass the PIN the OpenSSL Engine
used during signing via the environment variable MKIMAGE_SIGN_PIN.
This follows the approach used during kernel module
signing ("KBUILD_SIGN_PIN") or UBIFS image
signing ("MKIMAGE_SIGN_PIN").

Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
2021-07-28 20:46:34 -04:00
Thomas Perrot
41a4a30855 doc: fix typo in signature.txt
Fix value fields in signature nodes.

Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-07-12 20:30:48 +02:00
Alexandru Gagniuc
6795c75109 doc: FIT image: Update FPGA example to make use of "loadables"
The new correct way to load an FPGA image is to declare it in the list
of "loadables". multi-with-fpga.its used the now deprecated "fpga"
property. Since this example most likely intended to use u-boot's
generic FPGA loading code, compatible = "u-boot,fpga-legacy" is also
appropriate here.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:23:01 -04:00
Alexandru Gagniuc
e1662d6995 doc: FIT image: Introduce "u-boot, fpga-legacy" property
Commit 4afc4f37c7 ("doc: FIT image: Clarify format and simplify
syntax") introduced a "compatible" property for loadable images.
It did not define its contents. Use "u-boot,fpga-legacy" compatible
string to specify that fpga_load() should be used to load the image.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-04-14 15:23:01 -04:00
Alexandru Gagniuc
fb6532ec6c doc: signature.txt: Document the keydir and keyfile arguments
After lots of debating, this documents how we'd like mkimage to treat
'keydir' and 'keyfile' arguments. The rest is in the docs.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:23:01 -04:00
Alexandru Gagniuc
9eef0fe7e5 doc: signature.txt: Document devicetree format for ECDSA keys
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:06:08 -04:00
Alexandru Gagniuc
4afc4f37c7 doc: FIT image: Clarify format and simplify syntax
** Introduction

There are currently four ways to load an OS image with u-boot
  1. SPL -> u-boot -> bootm
  2. SPL blue falcon mode
  3. "Basic" FIT image (CONFIG_LOAD_FIT)
  4. "Full-featured" FIT image (CONFIG_LOAD_FIT_FULL)

These four code paths were developed independently, and share very
little code. (3) and (4) behave very differently and are littered with
special cases. They even have different DTS syntax and properties.

The cause of this divergence is that the FIT format specification
leaves a number of things open to interpretation. The purpose of this
change is to enable the reduction of code size, duplication, and
complexity by updating and streamlining the FIT format.

We are only marginally concerned with backwards compatibility, because
we don't have inter-compatibility. For example, CONFIG_LOAD_FIT is
able to load images that CONFIG_LOAD_FIT_FULL won't. This is a direct
result of the incompatible syntax between the two implementations.

Ideally, these changes would enable "simple" FIT to be a subset of the
"full" fit implementation, and share most code. These changes should
also eliminate the need for falcon mode (although we are not
advocating for the removal of falcon mode at this time).

** Description of changes

 * The "configurations" node is now mandatory

Guessing how to load components based on their "os" and "type" invites
confusion and superfluous heuristics. Instead, require each FIT image
to be explicit on how components should be loaded.

 * Eliminate "ramdisk", "setup", "standalone", and "fpga" properties

Having too many special purpose properties requires special-casing
FIT loading code. When a special property can be handled by another
property, it is redundant.
 - A "ramdisk" is identical to a loadable. Thus ramdisk images should
   be placed under "loadables".
 - A "setup" node can be achieved by using a "kernel" or "firmware"
   property instead.
 - "standalone" is used for u-boot nodes. The correct property to use
   in this case is "firmware".
 - "fpga" is a loadable

 * Prioritize control between "firmware" and "kernel"

"firmware" and "kernel" are special nodes in that control is passed
to the "entry-point" of the image. Both can be present, for example,
an OP-TEE firmware with a linux kernel. When both are present,
control is passed to the "firmware" image.

** Further generalizations (not included herein)

The "firmware" and "kernel" properties could be generalized as a
"next-boot-stage", or similar name. This "next" stage would be special
in that it is both executable, and is the stage that is passed
control. For example, "next-stage" could be an op-tee image, with
linux as a loadable, or a u-boot image.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-01-22 16:17:33 -05:00
Sean Anderson
55a2bec7b5 doc: Fix typo in FIT documentation
u_boot should be u-boot

Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
2020-12-18 16:16:36 +05:30
Michal Simek
caa7fc2c57 spl: Use standard FIT entries
SPL is creating fit-images DT node when loadables are recorded in selected
configuration. Entries which are created are using entry-point and
load-addr property names. But there shouldn't be a need to use non standard
properties because entry/load are standard FIT properties. But using
standard FIT properties enables option to use generic FIT functions to
decrease SPL size. Here is the result for ZynqMP virt configuration:
xilinx_zynqmp_virt: spl/u-boot-spl:all -82 spl/u-boot-spl:rodata -22 spl/u-boot-spl:text -60

The patch causes change in run time fit image record.
Before:
fit-images {
        uboot {
                os = "u-boot";
                type = "firmware";
                size = <0xfd520>;
                entry-point = <0x8000000>;
                load-addr = <0x8000000>;
        };
};

After:
fit-images {
        uboot {
                os = "u-boot";
                type = "firmware";
                size = <0xfd520>;
                entry = <0x8000000>;
                load = <0x8000000>;
        };
};

Replacing calling fdt_getprop_u32() by fit_image_get_entry/load() also
enables support for reading entry/load properties recorded in 64bit format.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-10-27 08:13:32 +01:00
Thirupathaiah Annapureddy
6a0498a5fd doc: verified-boot: add required-mode information
Add documentation about 'required-mode' property in /signature node
in U-Boot's control FDT.

Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-10-12 21:30:37 -04:00
Michal Simek
4d288dcd4c doc: fit: Write hex address as hex instead of int
When update_uboot.its is used directly there is syntax error for no reason.

Error report:
mkimage -f update_uboot.its boot
Error: update_uboot.its:18.12-13 syntax error
FATAL ERROR: Unable to parse input tree
mkimage: Can't read boot.tmp: Invalid argument

Fixes: 4bae90904b ("Automatic software update from TFTP server")
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2020-07-17 10:47:19 -04:00
Tom Rini
897135809a arm: ti: Remove ARCH= references from documentation
When building U-Boot we select the architecture via Kconfig and not ARCH
being passed in via the environment or make cmdline.

Cc: Lokesh Vutla <lokeshvutla@ti.com>
Cc: Vitaly Andrianov <vitalya@ti.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
2020-06-02 17:27:04 -04:00
Jan Luebbe
24bf6e84ce lib: rsa: avoid overriding the object name when already specified
If "object=" is specified in "keydir" when using the pkcs11 engine do
not append another "object=<key-name-hint>". This makes it possible to
use object names other than the key name hint. These two string
identifiers are not necessarily equal.

Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Bastian Krause <bst@pengutronix.de>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
2020-05-15 14:47:35 -04:00
Kever Yang
ebfe611be9 mkimage: fit_image: Add option to make fit header align
The image is usually stored in block device like emmc, SD card, make the
offset of image data aligned to block(512 byte) can avoid data copy
during boot process.
eg. SPL boot from FIT image with external data:
- SPL read the first block of FIT image, and then parse the header;
- SPL read image data separately;
- The first image offset is the base_offset which is the header size;
- The second image offset is just after the first image;
- If the offset of the image is not aligned, SPL will do memcpy;
The header size is a random number, which is very possibly not aligned, so
add '-B size' to specify the align size in hex for better performance.

example usage:
  ./tools/mkimage -E -f u-boot.its -B 0x200 u-boot.itb

Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Reviewed-by: Punit Agrawal <punit1.agrawal@toshiba.co.jp>
Reviewed-by: Tom Rini <trini@konsulko.com>
2020-04-24 10:10:01 -04:00
Cristian Ciocaltea
b533386dc1 doc: Add sample uefi.its image description file
This patch adds an example FIT image description file demonstrating
the usage of bootm command to securely launch UEFI binaries.

Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-01-07 18:08:21 +01:00
Heinrich Schuchardt
97fd36933c doc: fitImage: example of a signature node
Describe that a signature node can be added to a binary device tree using
the mkimage tool.

Provide an example device tree node.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-12-13 13:01:53 -05:00
Thomas Hebb
32f2ca2a7e cosmetic: Fix spelling and whitespace errors
Signed-off-by: Thomas Hebb <tommyhebb@gmail.com>
2019-12-03 08:43:23 -05:00
Julius Werner
18cfa612a9 fit: Support compat string property in configuration node
This patch adds support for an optional optimization to compatible
string matching where the compatible string property from the root node
of the kernel FDT can be copied into the configuration node of the FIT
image. This is most useful when using compressed FDTs or when using FDT
overlays, where the traditional extraction of the compatible string from
the kernel FDT itself is not easily possible.

Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2019-07-29 09:32:08 -04:00
Mickaël Tansorier
57a51123f1 doc: fitImage: Cosmetics break lines
Add missing newline before title and subtitle.

Signed-off-by: Mickaël Tansorier <mickael.tansorier@smile.fr>
2019-07-24 14:15:37 -04:00
Mickaël Tansorier
15958c74a9 doc: fitImage: Fix conf number incrementation
Increment conf id to avoid to have two same conf name
into one configuration description.

Signed-off-by: Mickaël Tansorier <mickael.tansorier@smile.fr>
2019-07-24 14:15:37 -04:00
Vesa Jääskeläinen
5b123e0109 lib: rsa: add support to other openssl engine types than pkcs11
There are multiple other openssl engines used by HSMs that can be used to
sign FIT images instead of forcing users to use pkcs11 type of service.

Relax engine selection so that other openssl engines can be specified and
use generic key id definition formula.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Cc: Tom Rini <trini@konsulko.com>
2019-07-18 11:31:23 -04:00
Tom Rini
c76c93a3d5 configs: Rename CONFIG_IMAGE_FORMAT_LEGACY to CONFIG_LEGACY_IMAGE_FORMAT
The name CONFIG_LEGACY_IMAGE_FORMAT reads slightly better along with
allowing us to avoid a rather nasty Kbuild/Kconfig issue down the line
with CONFIG_IS_ENABLED(IMAGE_FORMAT_LEGACY).  In a few places outside of
cmd/ switch to using CONFIG_IS_ENABLED() to test what is set.

Signed-off-by: Tom Rini <trini@konsulko.com>
2019-07-11 14:11:18 -04:00
Philippe Reynes
e83cf2fbfc doc: uImage.FIT: signature.txt: add option padding
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-12-03 10:44:10 -05:00
Pierre-Jean Texier
612e99123b doc: FIT image: fix typo
Fix typo in beaglebone verified boot documentation.

Signed-off-by: Pierre-Jean Texier <texier.pj2@gmail.com>
2018-08-20 07:21:29 -04:00
Simon Goldschmidt
fd15a9e256 doc: FIT image: clarify usage of "compression" property
Compressed images should have their compression property
set to "none" if U-Boot should leave them compressed.

This is especially the case for compressed ramdisks that
should be uncompressed by the kernel only.

Signed-off-by: Simon Goldschmidt <sgoldschmidt@de.pepperl-fuchs.com>
2018-08-10 13:45:33 -04:00
Sumit Garg
8044900a5b armv8: sec_firmware: Add support for multiple loadables
Enable support for multiple loadable images in SEC firmware FIT image.
Also add example "sec_firmware_ppa.its" file.

Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2018-05-09 09:17:51 -05:00
Andre Przywara
b8790ebeec doc: FIT image: fix incorrect examples of DT node unit address
The DT spec demands a unit-address of a node name to match the "reg"
property in that node. Newer dtc versions will throw warnings if this is
not the case.
Fix all occurrences in the FIT image example files where this was not
observed, to not give bad examples to the reader.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2018-01-15 18:29:21 -07:00
Andre Przywara
838404054e doc: FIT image: fix incorrect description of DT node unit address
The DT spec demands a unit-address in a node name to match the "reg"
property in that node. Newer dtc versions will throw warnings if this is
not the case.
Fix all occurrences in the FIT image documentation files where this was not
observed, to not give bad examples to the reader.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2018-01-15 18:29:21 -07:00
Peng Fan
a1be94b654 SPL: Add FIT data-position property support
For external data, FIT has an optional property "data-position" which
can set the external data to a fixed offset to FIT beginning.
Add the support for this property in SPL FIT.

Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tomas Melin <tomas.melin@vaisala.com>
Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Cc: "Andrew F. Davis" <afd@ti.com>
Cc: Igor Grinberg <grinberg@compulab.co.il>
Cc: "tomas.melin@vaisala.com" <tomas.melin@vaisala.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Andre Przywara <andre.przywara@arm.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Lokesh Vutla <lokeshvutla@ti.com>
Cc: "Cooper Jr., Franklin" <fcooper@ti.com>
Cc: George McCollister <george.mccollister@gmail.com>
Cc: Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
Cc: Jean-Jacques Hiblot <jjhiblot@ti.com>
Cc: Rick Altherr <raltherr@google.com>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-12-12 21:33:38 -05:00
Masahiro Yamada
6af5520fe1 doc: verified-boot: fix crypto algorithm examples
As you see in crypto_algos in common/image-sig.c, the algorithm
should be either "rsa2048" or "rsa4096".  "rs2048" is a typo.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2017-10-23 17:28:18 -04:00
Franklin S Cooper Jr
56fc7032e1 doc: overlays: Tweak documentation regarding overlays
Pull some information regarding overlays from commit messages and
put them directly within the documentation. Also add some information
regarding required dtc version to properly use overlays.

Signed-off-by: Franklin S Cooper Jr <fcooper@ti.com>
Acked-by: Simon Glass <sjg@chromium.org>
2017-09-15 05:27:49 -06:00
Pantelis Antoniou
6b54e50b5a fit: fdt overlays doc
Signed-off-by: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Reviewed-by: Łukasz Majewski
Acked-by: Simon Glass <sjg@chromium.org>
2017-09-15 05:27:49 -06:00
York Sun
c8bc3c0c9f spl: fit: Add booting OS first
If CONFIG_SPL_OS_BOOT is enabled, boot OS if kernel image is found
in FIT structure.

Signed-off-by: York Sun <york.sun@nxp.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2017-09-11 07:55:36 -07:00
York Sun
5fd13d9736 spl: fit: Support both external and embedded data
SPL supports U-Boot image in FIT format which has data outside of
FIT structure. This adds support for embedded data for normal FIT
images.

Signed-off-by: York Sun <york.sun@nxp.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2017-09-11 07:55:36 -07:00
Masahiro Yamada
e43f74ac0b doc: verified-boot: fix typos
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-08-26 14:56:14 -04:00
Tom Rini
25fa0b930f FIT: List kernel_noload in the list of types
In the source_file_format.txt file we talk about how to construct a
valid FIT image.  While it already says to look at the source for the
full list, add kernel_noload to the explicit list of types.  This is
arguably the most important type to use as most often we are including a
kernel that will run from wherever it is loaded into memory and execute.

This for example, allows you to create a single FIT image for Linux that
can be used on both OMAP and i.MX devices as the kernel will not need to
be moved in memory.

Signed-off-by: Tom Rini <trini@konsulko.com>
2017-07-26 11:29:15 -04:00
Andre Przywara
411cf32d20 SPL: FIT: allow loading multiple images
So far we were not using the FIT image format to its full potential:
The SPL FIT loader was just loading the first image from the /images
node plus one of the listed DTBs.
Now with the refactored loader code it's easy to load an arbitrary
number of images in addition to the two mentioned above.
As described in the FIT image source file format description, iterate
over all images listed at the "loadables" property in the configuration
node and load every image at its desired location.
This allows to load any kind of images:
- firmware images to execute before U-Boot proper (for instance
  ARM Trusted Firmware (ATF))
- firmware images for management processors (SCP, arisc, ...)
- firmware images for devices like WiFi controllers
- bit files for FPGAs
- additional configuration data
- kernels and/or ramdisks
The actual usage of this feature would be platform and/or board specific.

Also update the FIT documentation to mention the new SPL feature and
provide an example .its file to demonstrate its features.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Lokesh Vutla <lokeshvuta@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Heiko Stuebner <heiko@sntech.de>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Tested-by: Kever Yang <kever.yang@rock-chips.com>
Tested-by: Jagan Teki <jagan@openedev.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
2017-05-17 23:15:43 +05:30
George McCollister
f1ca1fdebf mkimage: Add support for signing with pkcs11
Add support for signing with the pkcs11 engine. This allows FIT images
to be signed with keys securely stored on a smartcard, hardware security
module, etc without exposing the keys.

Support for other engines can be added in the future by modifying
rsa_engine_get_pub_key() and rsa_engine_get_priv_key() to construct
correct key_id strings.

Signed-off-by: George McCollister <george.mccollister@gmail.com>
2017-01-14 16:47:13 -05:00
Andrew F. Davis
d7be50921e image: Add FIT image loadable section custom processing
To help automate the loading of custom image types we add the ability
to define custom handlers for the loadable section types. When we find
a compatible type while loading a "loadable" image from a FIT image we
run its associated handlers to perform any additional steps needed for
loading this image.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-12-03 13:21:19 -05:00
Simon Glass
dc396210d9 x86: Mention how to boot a 64-bit kernel from U-Boot
The README indicates that this is not supported, but this is no longer true.
Update the text to indicate this and describe the FIT changes required.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2016-08-16 11:44:09 +08:00
Teddy Reed
f8f9107d97 mkimage: fit: spl: Add an optional static offset for external data
When building a FIT with external data (-E), U-Boot proper may require
absolute positioning for executing the external firmware. To achieve this
use the (-p) switch, which will replace the amended 'data-offset' with
'data-position' indicating the absolute position of external data.

It is considered an error if the requested absolute position overlaps with the
initial data required for the compact FIT.

Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
2016-06-24 17:23:06 -04:00
Michal Simek
ed0cea7c52 mkimage: Report information about fpga
Add FIT_FPGA_PROP that user can identify an optional
entry for fpga.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-05-24 11:15:02 +02:00
Andreas Dannenberg
4c1d5c29b5 doc: clarify openssl-based key and certificate generation process
Add some basic clarification that the dev.key file generated by OpenSSL
contains both the public and private key, and further highlight that
the certificate generated here contains the public key only.

Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
2016-04-01 17:17:41 -04:00